niklas/amduat-api
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
amduat-api/notes/Ready-for-Pick-Up v2.md
Carl Niklas Rydberg 1d552bd46a Added some notes that needs to be analyzed.
2026-01-17 00:19:49 +01:00

268 lines
5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Yes — and that alternative is **very powerful**, because it flips the posture from *“rescued object”* to *“self-sovereign entrant asking for admission”*.
Both modes must exist, and youre now describing the **second one**.
Let me formalize it cleanly, without mixing layers or over-specifying.
---
# Ready-for-Pick-Up v2
## (Pre-Minted Domain + Certificates, Asking for Admission)
This is a **deliberate, anticipatory stance**:
> *“I arrive with a domain, keys, intent, and discipline.
> I ask to be accepted, not rescued.”*
---
## 1. What You Bring to the Table
You do **not** bring ASL internals.
You bring **authority and intent**.
### 1.1 A Domain (Already Minted)
You arrive with:
```text
DomainID
- stable identifier
- self-declared scope
- empty or near-empty state
```
This domain:
* Has **no data obligations yet**
* Is capable of holding blocks and logs
* Is isolated and sovereign
It may contain:
* zero artifacts
* bootstrap artifacts
* policy manifests
---
### 1.2 Authority Material (Offline-Minted)
You arrive with:
* **Domain Root Certificate**
* **Signing key**
* **Policy hash**
* Optional:
* operator certificate
* device certificate (SystemRescue image)
No federation required yet.
No trust assumed yet.
This is **ASL-AUTH territory**, not ASL-CORE.
---
### 1.3 A Domain Authority Manifest (DAM)
This is the *single most important object* you bring.
It says:
> *“This is who I am, what I claim, and how I will behave.”*
Minimal DAM contents:
```text
- DomainID
- Root public key
- Policy hash
- Declared invariants
- Requested relationship(s)
```
No artifacts required yet.
---
## 2. What You Ask For (The Admission Request)
You dont ask for “access”.
You ask for **recognition under constraints**.
Example:
```text
Admission Request:
- Accept my DomainID
- Accept my root certificate
- Allow me to publish artifacts
- Optionally grant courtesy storage
- Subject to my declared policy
```
This is **not trust yet**.
It is *acknowledgment*.
---
## 3. How Common / Unity Responds
Common does **not** execute your code.
Common does **not** ingest your data yet.
It performs:
### 3.1 Structural Validation
* DomainID well-formed
* DAM syntactically valid
* Policy hash declared
* Keys match manifest
### 3.2 Policy Compatibility Check
* No invariant violations
* No forbidden claims
* No escalation attempt
### 3.3 Admission Outcome
One of:
| Outcome | Meaning |
| ------------------ | --------------------- |
| Accepted | Domain may publish |
| Accepted (limited) | Courtesy storage only |
| Deferred | Await manual review |
| Rejected | No interaction |
This is **governance**, not storage.
---
## 4. After Acceptance: What Changes
Only *after* acceptance:
* Your domain may:
* publish sealed artifacts
* pin snapshots
* emit PERs
* Common may:
* pin your published snapshots
* replicate your log
* reference your artifacts
You still own your data.
Common only **recognizes it**.
---
## 5. Why This Is Better Than “Blind Rescue”
| Rescue Mode | Admission Mode |
| ------------------------------ | ------------------------------- |
| Common acts first | You act first |
| Data arrives untrusted | Authority arrives first |
| Provenance reconstructed later | Provenance anchored immediately |
| Courtesy is implicit | Courtesy is negotiated |
Both are valid — but **this one scales better socially**.
---
## 6. How This Fits Your SystemRescue Image
Your patched SystemRescue now becomes:
> **A portable domain factory + admission client**
It can:
* generate a domain
* mint keys offline
* produce DAM
* present admission request
* wait
Standing ready is literal now.
---
## 7. What Can Be Implemented Right Now (No ASL Needed)
You can implement **all of this today**:
* DAM schema
* Certificate layout
* Policy hash definition
* Admission request format
* Verification logic
* Human / semi-automated approval
No ASL-CORE.
No PEL.
No TGK.
Just **authority and intent**.
---
## 8. Key Insight (This Is Important)
> **Storage is not the entrance. Authority is.**
ASL begins *after* admission.
This prevents:
* garbage ingestion
* unbounded courtesy
* identity ambiguity
* provenance ambiguity
---
## 9. Where This Leads Next
From here, the natural next specs are:
1. **ASL-AUTH v0.1** (you already started this)
2. **Domain Admission Protocol**
3. **DAM canonical encoding**
4. **Policy hash registry**
5. **Courtesy lease semantics**
---
## 10. Final Framing
You are no longer saying:
> *“Please take my data.”*
You are saying:
> *“Here is a domain.
> Here is my authority.
> Here is my discipline.
> May I participate?”*
Thats exactly the right posture for the system youre building.
If you want, next I can:
* formalize the **Domain Admission Protocol**
* draft the **DAM schema precisely**
* define **courtesy leases**
* or show how **rescue-mode and admission-mode unify cleanly**
Just point.
Reference in a new issue View git blame Copy permalink